transferring the first protection rule from said server to the portal; 

receiving at the portal the communication transaction; 

applying at the portal the first protection rule to the commimication 
transaction; 

preventing at the portal the transfer of the communication transaction if 
required by the first protection rule; 

selectively transferring from the portal to the server at least a portion of 
the communication transaction even if the first protection rule allows 
transfer of the commimication transaction; and 

selectively creating at the server a second protection rule in response to 
said portion of the communication transaction. 

Remarks 

With respect to the Cross Reference to Related Application, Applicants 
have herein amended the specification to indicate the abandoned status thereof. 

With respect to the rejection of claims 1-19 under 35 U.S.C. § 103 (a). 
Applicants wish to note that the Manual of Patent Examining Procedures (MPEP) 
§ 2142 provides, inter alia: 

The legal concept of prima facie obviousness is a procedural tool of 
examination which applies broadly to all arts. It allocates who has the 
burden of going forward with production of evidence in each step of the 
examination process. See In re Rinehart , 531 F.2d 1048, 189 USPQ 143 
(CCPA 1976); In re Linter , 458 F.2d 1013, 173 USPQ 560 (CCPA 1972); In re 
Saunders , 444 F.2d 599, 170 USPQ 213 (CCPA 1971); In re Tiffin , 443 F.2d 
394, 170 USPQ 88 (CCPA 1971), amended , 448 F.2d 791, 171 USPQ 294 
(CCPA 1971); In re Warner , 379 F.2d 1011, 154 USPQ 173 (CCPA 1967), 
cert, denied , 389 U.S. 1057 (1968). The examiner bears the initial burden of 
factually supporting any prima facie conclusion of obviousness. If the 
examiner does not produce a prima facie case, the applicant is under no 
obligation to submit evidence of nonobviousness. If, however, the 
examiner does produce a prima facie case, the burden of coming forward 
with evidence or arguments shifts to the applicant who may submit 
additional evidence of nonobviousness, such as comparative test data 
showing that the claimed invention possesses improved properties not 
expected by the prior art. The initial evaluation of prima facie obviousness 
thus relieves both the examiner and applicant from evaluating evidence 
beyond the prior art and the evidence in the specification as filed until the 
art has been shown to suggest the claimed invention. 

To establish a prima facie case of obviousness, three basic criteria must be 
met. First, there must be some suggestion or motivation, either in the 
references themselves or in the knowledge generally available to one of 
ordinary skill in the art, to modify the reference or to combine reference 
teachings. Second, there must be a reasonable expectation of success. 
Finally, the prior art reference (or references when combined) must teach 
or suggest all the claim limitations. The teaching or suggestion to make 
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the claimed combination and the reasonable expectation of success must 
both be fovmd in the prior art, and not based on applicant's disclosure. In 
re Vaeck , 947 F.2d 488, 20 USPQ2d 1438 (Fed. Cir. 1991). See MPEP § 2143 - 
§ 2143.03 for decisions pertinent to each of these criteria, (emphasis 
added.) 

In support of the rejection of claims 1-4, 9-13, 18 and 19 as being 
unpatentable over Nessett in view of Sheldon, the Examiner has attempted to 
identify in either Nessett or Sheldon those structures or functions that 
correspond to each of the limitations in Applicants' claims. In this regard. 
Applicants respectfully submit that the Examiner has either misinterpreted the 
language of Applicants' claims or misunderstood the cited references. As a 
result. Applicants believe that the Examiner has failed to establish a prima facie 
case of obviousness. 

1. In both claims 1 and 10, line 10, Applicant's portal is expressly 
characterized as being capable of ''selectively transfer[ring] the database of 
protection rules from the server via the untrustworthy network" 
(emphasis added). In Applicants' specification, page 8, lines 3-10, 
Applicants have given an example of how each portal will selectively 
update its own 'local protection rule base". (See, also, page 8, lines 27-31.) 
In the Office Action, the Examiner has broadly asserted that "[u] dates to 
the security policy statements (protection rules) are selectively transferred 
from the network management station's (server) database to the firewalls 
(portals) across the Internet (untrustworthy network)", citing in support 
thereof Nessett, col. 9, lines 17-32 and col. 10, lines 28-31. However, the 
Examiner failed to take into account where, in the Nessett system, such 
selectivity is effected. According to the cited clause of col. 9, in Nessett, the 
"security poUcy management back end translates the rules ... and creates 
node specific security policy configuration data that it distributes to the 
network nodes it has chosen." (emphasis added). Thus, in Nessett, it is the 
"server" that "selectively" transfers the protection rules, whereas, in 
Applicant's claim 1 (as well as claim 10), it is the portal that "selectively" 
transfers those rules. Further, the Examiner has identified no such portal- 
side selectivity in Sheldon. Thus, the Examiner has failed to establish a 
prima facie case of obviousness because, at a minimum, the Examiner has 
produced no reference (or references when combined) that teach or 
suggest this claim limitation. Thus, since the rejections of claims 1 and 10 
are improper, the rejections of all claims depending therefrom, namely 2-9 
and 11-18, are also improper. 

2. Notwithstanding that the rejections of claims 2 and 11 are improper 
as noted in ^ 1, above. Applicants wish to point out that the clause in 
Nessett cited by the Examiner in support of these rejections (col. 16, lines 
21-24) fails to indicate whether or not any such "cryptography" is used in 
the process of transferring the protection rule database, per se. Indeed, 
just a few lines earlier, i.e., in lines 13-20, Nessett specifically identifies "two 
places" where "protected communications is an important service", and 
neither appears to cover the transfer of the protection rule database. In 
view of this. Applicants respectfully submit that the Examiner has 
produced no reference (or references when combined) that teach or 
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suggest this claim limitation. Thus, independent of the rejection of the 
respective parent claims, the express rejection of claims 2 and 11 are 
improper. 

3. Notwithstanding that the rejections of claims 3 and 12 are improper 
as noted in ^ 1, above. Applicants wish to point out that the clause in 
Nessett cited by the Examiner in support of these rejections (col. 17, lines 
32-40, see. Office Action, page 4, line 21, through page 5, line 2) fails to 
teach or even suggest that a portal may ''selectively transfer[ a] received 
communication transaction [even if that transaction violates a protection 
mle, provided that] said protection rule is of the guard class" (claims 3 and 
12, lines 10-14). In Applicants' specification, page 10, lines 6-13, Applicants 
have given examples of how each portal may selectively transfer a 
transaction even if it is found to violate a "Guard rule". In the Office 
Action, the teachings of Nessett have been "interpreted by the examiner" 
such that Nessett selects between "two classes namely an exclusion class 
that denies network traffic ... and a guard class that permits the transfer of 
network traffic" (Office Action, page 5, lines 2-7), citing in support thereof 
Nessett, col. 17, lines 32-40. According to the cited clause of col. 17, in 
Nessett, "traffic is denied, allowed or transformed." (col. 17, lines 39-40). 
Thus, in Nessett, there appears to be no ability to selectively allow traffic, 
nor is there any suggestion that such functionality could be provided. 
Further, the Examiner has identified no such selectivity in Sheldon. Thus, 
the Examiner has failed to establish a prima facie case of obviousness 
because, at a minimum, the Examiner has produced no reference (or 
references when combined) that teach or suggest this claim limitation. 
Thus, since the rejections of claims 3 and 12 are improper, the rejections of 
all claims depending therefrom, namely 4-9 and 13-18, are also improper, 
independent of the rejection of the respective parent claims. 

4. Notwithstanding that the rejections of claims 4 and 13 are improper 
as noted in ^fl and 3, above. Applicants wish to point out that the clauses 
in Nessett cited by the Examiner in support of these rejections (col. 9, lines 
17-32 and col. 10, lines 28-31) fail to teach or even suggest that a "portal 
[may ]selectively transfer[] to the server at least a portion of each received 
communication transaction" (claims 4 and 13, lines 1-2, emphasis added). 
In Applicants' specification, page 7, lines 12-19, Applicants have given an 
example of how each portal will selectively transfer to the server selected 
portions of a transaction if it is found to be "unexpected". (See, also, page 
14, line 17, through page 15, line 6.) In the Office Action, the Examiner has 
identified no portion of Nessett in which any such functionality is either 
taught or suggested. Indeed, in Nessett, there appears to be no ability 
whatsoever for a portal-like device to selectively transfer back to the 
server any portion of any transactions, nor is there any suggestion that 
such functionality could be provided. Further, the Examiner has identified 
no such selectivity in Sheldon. Thus, the Examiner has failed to establish a 
prima facie case of obviousness because, at a minimum, the Examiner has 
produced no reference (or references when combined) that teach or 
suggest this claim limitation. Thus, since the rejections of claims 4 and 13 
are improper, the rejections of all claims depending therefrom, namely 5-9 
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and 14-18, are also improper, independent of the rejection of the 
respective parent claims. 

5. In claim 19, line 9, Applicant's portal is expressly characterized as 
being capable of ''selectively transferring the database of protection rules 
from the server via the untrustworthy network" (emphasis added). In 
Applicants' specification, page 8, lines 3-10, Applicants have given an 
example of how each portal will selectively update its own "local protection 
rule base". (See, also, page 8, lines 27-31.) In the Office Action, the 
Examiner has broadly asserted that "[u] dates to the security policy 
statements (protection rules) are selectively transferred from the network 
management station's (server) database to the firewalls (portals) across 
the Internet (untrustworthy network)", citing in support thereof Nessett, 
col. 9, lines 17-32 and col. 10, lines 28-31. However, the Examiner failed to 
take into account where, in the Nessett system, such selectivity is effected. 
According to the cited clause of col. 9, in Nessett, the "security policy 
management back end translates the rules ... and creates node specific 
security policy configuration data that it distributes to the network nodes 
it has chosen." (emphasis added). Thus, in Nessett, it is the "server" that 
"selectively" transfers the protection rules, whereas, in Applicant's claim 
19, it is the portal that "selectively" transfers those rules. Further, the 
Examiner has identified no such portal-side selectivity in Sheldon. Thus, 
the Examiner has failed to establish a prima facie case of obviousness 
because, at a minimum, the Examiner has produced no reference (or 
references when combined) that teach or suggest this claim limitation. 
Thus, the rejection of claim 19 is improper. 

In support of the rejection of claims 5-8 and 14-17 as being unpatentable 
over Nessett in view of Sheldon in further view of Joyce, the Examiner has 
attempted to identify in either Nessett or Sheldon or Joyce those structures or 
functions that correspond to each of the limitations in Applicants claims. In this 
regard. Applicants respectfully submit that the Examiner has either 
misinterpreted the language of Applicants' claims or misunderstood the cited 
references. 

1. Notwithstanding that the rejections of claims 5 and 14 are improper 
as noted in ^^1, 3 and 4, above. Applicants wish to point out that the 
clauses in Nessett expressly cited by the Examiner in support of these 
rejections (primarily col. 17, lines 32-40) fail to teach or even suggest that a 
"server, in response to receiving [from a portal a] portion of a 
communication transaction analyzes said portion [and, under certain 
circumstances] constructs a new protection rule [then] adds said new 
protection rule to [the protection rule] database" (claim 5, lines 1-7, 
emphasis added; c/., claim 14, lines 2-10). In Applicants' specification, 
page 7, line 20, through page 8, line 3, Applicants have given an example 
of how the server will receive selected portions of transactions sent to it 
by a portal, analyze those portions and, if foimd to constitute a threat, 
automatically construct a new rule of appropriate scope. (See, also, page 
15, lines 18-20, and page 15, line 27, through page 16, line 10.) In the Office 
Action, the Examiner has identified no portion of Nessett in which any 
such fimctionality is either taught or suggested. Indeed, in Nessett, there 
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appears to be no ability whatsoever for the server-like device to receive 
any thing from a portal-like device, much less any portion of any 
transactions; nor is there any suggestion that such functionality could be 
provided. Further, the Examiner has identified no such selectivity in 
either Sheldon or Joyce. Thus, the Examiner has failed to establish a prima 
facie case of obviousness because, at a minimum, the Exaininer has 
produced no reference (or references when combined) that teach or 
suggest this claim limitation. Thus, since the rejections of claims 5 and 14 
are improper, the rejections of all claims depending therefrom, namely 6-8 
and 15-18, are also improper, independent of the rejection of the 
respective parent claims. 

New Claims : 

Applicants have herein added new independent claims 20, 21, 22 and 23, 
each of which particularly points out and distinctly claims what Applicants 
believe to be an independently patentable embodiment of Applicants' invention 
as described in the application as filed. Applicants have herein enclosed the 
appropriate fees and Fee Transmittal record. 

Conclusion : 

Applicants respectfully request entry of the amendment proposed 
hereinabove. Further, Applicants respectfully submit that claims 1-23 are 
allowable over the cited art. Therefore, in the belief that we have responded to 
each and every rejection contained in the Office Action of 10 February 2004, 
Applicants respectfully request reconsideration and allowance of claims 1-23. 

Respectfully submitted, 
Stuart D. Green, et al 

Jeffrey Wn My^re/ 
Attorney for >^q:jpicants 
Reg. No. 27,362 
Ph: 512/858-7453 
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